jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Fix build with OpenSSL 1.0.2

Browse source 
SSL_use_certificate_chain_file() was added in OpenSSL 1.1.0, so need to
maintain the old version using SSL_use_certificate_file() for backwards
compatibility.

Fixes: 658c39809b ("OpenSSL: Load chain certificates from client_cert file")
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-01-05 11:33:40 +02:00
parent cc0a04ac86
commit 568e890e76
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/crypto/tls_openssl.c
View file

@ -2757,12 +2757,22 @@ static int tls_connection_client_cert(struct tls_connection *conn,
return 0;
}
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (SSL_use_certificate_chain_file(conn->ssl, client_cert) == 1) {
ERR_clear_error();
wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_chain_file"
" --> OK");
return 0;
}
#else
if (SSL_use_certificate_file(conn->ssl, client_cert,
SSL_FILETYPE_PEM) == 1) {
ERR_clear_error();
wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_file (PEM)"
" --> OK");
return 0;
}
#endif
tls_show_errors(MSG_DEBUG, __func__,
"SSL_use_certificate_file failed");